Blocker Hypervisor.DescriptorImpl.doFillCredentialsIdItems should have a permissions check lest it expose credentials IDs and descriptions to anonymous users. Check ssh-slaves-plugin for suggestions.
Credentials metadata leak in Hypervisor
-
Bastian Germann
-
Jesse Glick
- Votes:
-
1 Vote for this issue
- Watchers:
-
2 Start watching this issue
- Created:
- Updated:
- Resolved: